Merge branch 'v1.2-next' of ssh://git.oauth3.org/OAuth3/oauth3.js into v1.2-next
This commit is contained in:
commit
f4445586a5
|
@ -0,0 +1,96 @@
|
|||
(function () {
|
||||
'use strict';
|
||||
|
||||
function create(myOpts) {
|
||||
return {
|
||||
requestScope: function (opts) {
|
||||
// TODO pre-generate URL
|
||||
|
||||
// deliver existing session if it exists
|
||||
var scope = opts && opts.scope || [];
|
||||
if (myOpts.session) {
|
||||
if (!scope.length || scope.every(function (scp) {
|
||||
return -1 !== opts.myOpts.session.scope.indexOf(scp);
|
||||
})) {
|
||||
return OAUTH3.PromiseA.resolve(myOpts.session);
|
||||
}
|
||||
}
|
||||
|
||||
// request a new session otherwise
|
||||
return OAUTH3.implicitGrant(myOpts.directives, {
|
||||
client_id: myOpts.conf.client_uri
|
||||
, client_uri: myOpts.conf.client_uri
|
||||
// maybe use inline instead?
|
||||
, windowType: 'popup'
|
||||
, scope: scope
|
||||
}).then(function (session) {
|
||||
return session;
|
||||
});
|
||||
}
|
||||
, session: function () {
|
||||
return myOpts.session;
|
||||
}
|
||||
, refresh: function (session) {
|
||||
return OAUTH3.implicitGrant(myOpts.directives, {
|
||||
client_id: myOpts.conf.client_uri
|
||||
, client_uri: myOpts.conf.client_uri
|
||||
, windowType: 'background'
|
||||
}).then(function (_session) {
|
||||
session = _session;
|
||||
return session;
|
||||
});
|
||||
}
|
||||
, logout: function () {
|
||||
return OAUTH3.logout(myOpts.directives, {
|
||||
client_id: myOpts.conf.client_uri
|
||||
, client_uri: myOpts.conf.client_uri
|
||||
});
|
||||
}
|
||||
, switchUser: function () {
|
||||
// should open dialog with user selection dialog
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
window.navigator.auth = {
|
||||
getUserAuthenticator: function (opts) {
|
||||
var conf = {};
|
||||
var directives;
|
||||
var session;
|
||||
|
||||
opts = opts || {};
|
||||
conf.client_uri = opts.client_uri || OAUTH3.clientUri(opts.location || window.location);
|
||||
|
||||
return OAUTH3.issuer({ broker: opts.issuer_uri || 'https://new.oauth3.org' }).then(function (issuer) {
|
||||
conf.issuer_uri = issuer;
|
||||
conf.provider_uri = issuer;
|
||||
|
||||
return OAUTH3.directives(conf.provider_uri, {
|
||||
client_id: conf.client_uri
|
||||
, client_uri: conf.client_uri
|
||||
}).then(function (_directives) {
|
||||
directives = _directives;
|
||||
var myOpts = {
|
||||
directives: directives
|
||||
, conf: conf
|
||||
};
|
||||
|
||||
return OAUTH3.implicitGrant(directives, {
|
||||
client_id: conf.client_uri
|
||||
, client_uri: conf.client_uri
|
||||
, windowType: 'background'
|
||||
}).then(function (_session) {
|
||||
session = _session;
|
||||
myOpts.session = session;
|
||||
return create(myOpts);
|
||||
}, function (err) {
|
||||
console.error('[DEBUG] implicitGrant err:');
|
||||
console.error(err);
|
||||
return create(myOpts);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
}());
|
|
@ -176,7 +176,7 @@
|
|||
}
|
||||
, scope: {
|
||||
parse: function (scope) {
|
||||
return (scope||'').split(/[+, ]+/g);
|
||||
return (scope||'').toString().split(/[+, ]+/g);
|
||||
}
|
||||
, stringify: function (scope) {
|
||||
if (Array.isArray(scope)) {
|
||||
|
@ -896,7 +896,8 @@
|
|||
if (!opts) { opts = {}; }
|
||||
|
||||
// TODO this will default to browserlogin.org
|
||||
var broker = opts.broker || 'https://broker.oauth3.org';
|
||||
var broker = opts.broker || 'https://new.oauth3.org';
|
||||
//var broker = opts.broker || 'https://broker.oauth3.org';
|
||||
|
||||
opts._rpc = "broker";
|
||||
opts._scheme = "localstorage:";
|
||||
|
@ -1016,12 +1017,19 @@
|
|||
});
|
||||
});
|
||||
}
|
||||
, logout: function(providerUri, opts) {
|
||||
return OAUTH3.hooks.directives.get(providerUri).then(function (directives) {
|
||||
, logout: function(issuerUri, opts) {
|
||||
var directives;
|
||||
if ('string' !== typeof issuerUri) {
|
||||
directives = issuerUri;
|
||||
return OAUTH3._logoutHelper(directives, opts);
|
||||
}
|
||||
|
||||
return OAUTH3.hooks.directives.get(issuerUri).then(function (directives) {
|
||||
return OAUTH3._logoutHelper(directives, opts);
|
||||
});
|
||||
}
|
||||
, _logoutHelper: function(providerUri, directives, opts) {
|
||||
, _logoutHelper: function(directives, opts) {
|
||||
var issuerUri = directives.issuer_uri || directives.provider_uri;
|
||||
var logoutReq = OAUTH3.urls.logout(
|
||||
directives
|
||||
, { client_id: (opts.client_id || opts.client_uri || OAUTH3.clientUri(OAUTH3._browser.window.location))
|
||||
|
@ -1044,10 +1052,10 @@
|
|||
|
||||
if (params.error) {
|
||||
// TODO directives.audience
|
||||
return OAUTH3.PromiseA.reject(OAUTH3.error.parse(directives.issuer /*providerUri*/, params));
|
||||
return OAUTH3.PromiseA.reject(OAUTH3.error.parse(directives.issuer /*issuerUri*/, params));
|
||||
}
|
||||
|
||||
OAUTH3.hooks.session.clear(providerUri);
|
||||
OAUTH3.hooks.session.clear(issuerUri);
|
||||
return params;
|
||||
});
|
||||
}
|
||||
|
|
|
@ -371,8 +371,8 @@ OAUTH3.authn.resourceOwnerPassword = function (directive, opts) {
|
|||
OAUTH3.authz = {};
|
||||
OAUTH3.authz.scopes = function (providerUri, session, clientParams) {
|
||||
var clientUri = OAUTH3.uri.normalize(clientParams.client_uri || OAUTH3._browser.window.document.referrer);
|
||||
var scope = clientParams.scope || 'oauth3_authn';
|
||||
if ('oauth3_authn' === scope) {
|
||||
var scope = clientParams.scope || 'authn@oauth3.org';
|
||||
if ('authn@oauth3.org' === scope.toString()) {
|
||||
// implicit ppid grant is automatic
|
||||
console.warn('[security] fix scope checking on backend so that we can do automatic grants');
|
||||
// TODO check user preference if implicit ppid grant is allowed
|
||||
|
|
|
@ -27,10 +27,10 @@
|
|||
|
||||
OAUTH3.authz.scopes = function () {
|
||||
return OAUTH3.PromiseA.resolve({
|
||||
pending: ['oauth3_authn'] // not yet accepted
|
||||
, granted: [] // all granted, ever
|
||||
, requested: ['oauth3_authn'] // all requested, now
|
||||
, accepted: [] // granted (ever) and requested (now)
|
||||
pending: [ 'authn@oauth3.org' ] // not yet accepted
|
||||
, granted: [] // all granted, ever
|
||||
, requested: [ 'authn@oauth3.org' ] // all requested, now
|
||||
, accepted: [] // granted (ever) and requested (now)
|
||||
});
|
||||
};
|
||||
OAUTH3.authz.grants = function (providerUri, opts) {
|
||||
|
|
Loading…
Reference in New Issue